Remove a reference to the `compat.linux.osrelease' sysctl.
As Alexander Leidinger has pointed out: "glibc behaves differently based upon the value of it. It may refuse to do anything if it doesn't understand the value. Changing the value of osrelease is only advised in experimental situations (like in http://wiki.freebsd.org/linux-kernel) and may result even in kernel panics." I've replaced a reference to `compat.linux.osrelease' with a safer example, for setting `security.bsd.see_other_uids=0', which we already use as a sample /etc/sysctl.conf entry anyway.
This commit is contained in:
parent
a1b483e2cc
commit
2f18540604
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/head/; revision=29145
1 changed files with 9 additions and 6 deletions
|
@ -1686,13 +1686,16 @@ cron.* /var/log/cron
|
|||
form. The specified values are set after the system goes into
|
||||
multi-user mode. Not all variables are settable in this mode.</para>
|
||||
|
||||
<para>To turn off logging of fatal signal exits and let Linux
|
||||
programs know they are really running under &os;, the following
|
||||
tunables can be set in <filename>sysctl.conf</filename>:</para>
|
||||
<para>To turn off logging of fatal signal exits and prevent users from
|
||||
seeing processes started from other users, the following tunables can
|
||||
be set in <filename>sysctl.conf</filename>:</para>
|
||||
|
||||
<programlisting>kern.logsigexit=0 # Do not log fatal signal exits (e.g. sig 11)
|
||||
compat.linux.osname=&os;
|
||||
compat.linux.osrelease=4.3-STABLE</programlisting>
|
||||
<programlisting># Do not log fatal signal exits (e.g. sig 11)
|
||||
kern.logsigexit=0
|
||||
|
||||
# Prevent users from seeing information about processes that
|
||||
# are being run under another UID.
|
||||
security.bsd.see_other_uids=0</programlisting>
|
||||
</sect2>
|
||||
</sect1>
|
||||
|
||||
|
|
Loading…
Reference in a new issue